Privacy Policy

This is the Internet.
You should expect no privacy.

That's about as simple as I can make it.

All unencrypted communication by Internet,
telephone, and fax is subject to interception
and archiving.
Belief otherwise is folly.
Belief that this is somehow changed by stern corporate
announcements of wishes for deletion of misdirected
e-mail messages by unintended recipients
is arrogant folly.
Judging by the silly disclaimers that so many
corporations require at the ends of outgoing
messages, arrogant folly is awfully common.

It is easy for governments to intercept traffic because
Internet and telephone traffic must pass through
a limited number of backbone interconnection points.
The governments simply obligate the
telecommunications companies to provide access,
or even to do the data collection on behalf of
the government.
Yes, this process was greatly expanded in the U.S.
during the Cheney/Bush administration,
but it had already been underway for many years.
See, for example:

For anonymous browsing, you could try using an
anonymizer
web proxy, although that only obscures the server's view of
things.
Your ISP still sees exactly what you're doing unless the
anonymizer also uses
SSL/TLS.

Log errors, such as requests for pages that don't
exist (some page, possibly one of mine, has a broken link)
and silly requests from lazy and cheap bloggers
to make my server do the heavy work of
filling their pages with my images:ErrorLog logs/error_logLogLevel warn

Log information about referers,
including your IP address, the link you clicked on to get here,
and the here that you viewed.
Notice that if you come from a search engine results page,
the URL of that referring page will show the search you
made to find my page:CustomLog logs/referer_log referer env=!is-image

Through the magic of
PHP
embedded within this page and executing on the server
before serving up this page, it sees that
your IP address is
54.225.47.124
and local time at the server is
23:09:58 on 17 Aug 17
and so a line like the following just got added to
/var/www/logs/access_log because of your request:

If you arrived at this page by clicking on the
"privacy policy here" link at the bottom of the
main page,
then the following would had just been added to
/var/www/logs/referer_log because of your request:

http://cromwell-intl.com/ -> /security/privacy-policy.html

If, however, you somehow reached this page
by asking a search engine to find it,
the referer string is more complicated but still readable.
Here's a real example of someone
at IP address 122.57.185.236, which resolves to
122-57-185-236.jetstream.xtra.co.nz
(this looks like a customer of a New Zealand ISP)
loading
an Internet radio page of mine
through a search for:vladivostok radio
at
Google's New Zealand search interface:

Some of the referrer entries are empty.
In that case, the client was behind a corporate firewall
that functions as an invisible web proxy.
To the client, it appears that the connection is made
directly to my server.
Really, the corporate firewall intercepts the connection
attempt, decides whether it is allowed or not, and if so,
makes the connection on behalf of the client but with
the referrer information stripped out.

In that case, I don't get to see what page referred you
to mine.
However, your corporation has logged everything
about your Internet activity.

Google AdSense and cookies

I have Google AdSense ads on my pages.
See the little box of links to the right of this paragraph.
Also see the banner across the top of the page,
the large rectangle near the top, and the "skyscraper" ad
between there and here.

To make that "link unit" appear, this page just had a single
line of PHP:<?php @ include ('../ads/link-unit-180x90.html'); ?>
That directed the server to replace that PHP code with
the following block of JavaScript code
before sending the page to your browser:

If your browser has JavaScript enabled, then it made a
request for /pagead/show_ads.js from the Google server
pagead2.googlesyndication.com with those specific
"ad client" and "ad slot" parameters set to give me the
credit for showing you the ad (maybe about US$ 0.0001),
and if you happened to click on the ad, the credit for
sending you to the advertisement
(anywhere from US$ 0 to maybe 2.00, but generally at the very
low end of that range).

Now, Google used to just serve up ads based on their search
index's notion of what this page is about.
But in April 2009 Google announced a plan to use cookies
to try to figure out what your interests are as
opposed to just using what this page seems to be about.
These would be "id" cookies from doubleclick.net.

If you notice a cookie transaction when loading any of
my pages, it is because of Google AdSense.

I certainly don't care what other pages you look at.
What little I see in looking at the referer log data once
in a great while is far more than enough information
along those lines....

Google says that you can go to
their Ads Preference manager
to see what Google thinks your interests are,
and to opt out of the cookie tracking.
Then AdSense ads will still appear, but they will be based
only on the page contents and not Google's notion of
your interests.

What is the PHP trick to show
client IP address and server local time?

It's pretty simple.
The HTML code for that paragraph looks like this:

<p>
Through the magic of
<a href="http://www.php.net/">PHP</a>
embedded within this page and executing on the server
before serving up this page, it sees that
<b>your IP address is <?php echo $_SERVER['REMOTE_ADDR']; ?> </b>
and <b>local time at the server is
<?php echo date("H:i:s");
echo " on ";
echo date("d M y"); ?> </b>
and so something like the following just got added to
<tt>/var/www/logs/access_log</tt> because of your request:
</p>